Home / Blogs

Buying Open Source… It's a Different Ecosystem

Peter HJ van Eijk

A lot of organizations are interested in open source software, but fail to give it a fair chance compared to proprietary solutions. One reason for this is that the typical invitation to tender process puts open source at a disadvantage. Open source, as it happens, is made in a different ecosystem.

The software acquisition process often focuses on licenses, and this is where the first mistakes are made. Recently a (Dutch) municipality burned its fingers because they asked directly for Microsoft licenses in an invitation to tender. It is also common that organizations ask for experience with licenses that represent a certain turnover. But how many vendors have ever earned money on licenses of open source? None. So who has the money to respond to such invitations to tender? Nobody!

Beyond licenses, an organization wants software support because this guarantees the continued useful deployment of this software. For proprietary software it is necessary that their vendors provide long term support, because no one else provides the software. The management of this risk demands that you ask the relevant vendor for guarantees. Even then, this is not always sufficient. For example, organizations that still run on Siebel or IBM OS/2 still have a problem.

Open source does not have such vendors (yet), and demanding long term support will then put open source at a disadvantage and actually tries to solve a problem that does not exist. If you want to change support vendors for open source software somewhere during the software lifecycle you just do it. Mature risk management of open source will lead to more important questions. For example: is there a good and functioning community of supporters, and will it continue to be so in the future? We then find that there are large differences between the various Linux distributions, for example, with regards to the size of reference implementations and the speed with which security issues are patched. Different ecosystems, different risks, they ask for different risk control measures.

By Peter HJ van Eijk, Cloud Computing Coach, Author and Speaker – Peter HJ van Eijk is one of the world's most experienced independent cloud trainers. His website can be visited hereVisit Page
Follow CircleID on
Related topics:
SHARE THIS POST

If you are pressed for time ...

... this is for you. More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Vinton Cerf, Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Share your comments

To post comments, please login or create an account.

Related

Topics

DNS Security

Sponsored byAfilias

New TLDs

Sponsored byAfilias

IP Addressing

Sponsored byAvenue4 LLC

Domain Names

Sponsored byVerisign

Whois

Sponsored byWhoisXML API

Cybersecurity

Sponsored byVerisign

Cybercrime

Sponsored byThreat Intelligence Platform